science-ation/super/backuprestore.php

<?
/* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca

   Copyright (C) 2008 James Grant <james@lightbox.org>

   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
*/
?>
<?
require("../common.inc.php");
require_once("../user.inc.php");
superuser_required();

//make sure backup/restore folder exists, and htaccess it to deny access
if(!file_exists("../data/backuprestore"))
	mkdir("../data/backuprestore");
 if(!file_exists("../data/backuprestore/.htaccess"))
 	file_put_contents("../data/backuprestore/.htaccess","Order Deny,Allow\r\nDeny From All\r\n");


if($_GET['action']=="backup") {
$ts=time();
$dump="#SFIAB SQL BACKUP: ".date("r",$ts)."\n";
$dump.="#SFIAB VERSION: ".$config['version']."\n";
$dump.="#SFIAB DB VERSION: ".$config['DBVERSION']."\n";
$dump.="#SFIAB FAIR NAME: ".$config['fairname']."\n";
$dump.="#-------------------------------------------------\n";

$tableq=mysql_query("SHOW TABLES FROM `$DBNAME`");
while($tr=mysql_fetch_row($tableq)) {
	$table=$tr[0];
	$dump.="#TABLE: $table\n";
	$columnq=mysql_query("SHOW COLUMNS FROM `$table`");
	$str="INSERT INTO `$table` (";
	unset($fields);
	$fields=array();
	while($cr=mysql_fetch_object($columnq)) {
		$str.="`".$cr->Field."`,";
		$fields[]=$cr->Field;
	}
	$str=substr($str,0,-1);
	$str.=") VALUES (";

	$dataq=mysql_query("SELECT * FROM `$table` ORDER BY `{$fields[0]}`");
	while($data=mysql_fetch_object($dataq)) {
		$insertstr=$str;
		foreach($fields AS $field) {
			if(is_null($data->$field))
				$insertstr.="NULL,";
			else
			{
				$escaped=str_replace("\\","\\\\",$data->$field);
				$escaped=str_replace("'","''",$escaped);
				$escaped=str_replace("\n","\\n",$escaped);
				$escaped=str_replace("\r","\\r",$escaped);
				$insertstr.="'".$escaped."',";
			}
		}
		$insertstr=substr($insertstr,0,-1);
		$insertstr.=");";

		$dump.=$insertstr."\n";
	}
}
header("Content-Type: text/sql");
header("Content-Disposition: attachment; filename=sfiab_backup_".date("Y-m-d-H-i-s",$ts).".sql");
header("Content-Length: ".strlen($dump));
//Make IE with SSL work
header("Pragma: public");
echo $dump;
}
else if($_POST['action']=="restore") {
	echo send_header("Database Backup/Restore",
 		array('Committee Main' => 'committee_main.php',
			'System Setup' => 'super/index.php')
            ,"backup_restore"
	);
	echo i18n("Processing file: %1",array($_FILES['restore']['name']))."<br />\n";
	echo "<br />\n";
	do {
		//hmm just some random filename
		$tmpfilename=md5(rand().time().$_FILES['restore']['name']);
	} while(file_exists("../data/backuprestore/$tmpfilename"));

	move_uploaded_file($_FILES['restore']['tmp_name'],"../data/backuprestore/$tmpfilename");

	$fp=fopen("../data/backuprestore/$tmpfilename","r");

	for($x=0;$x<4;$x++) {
		$line=fgets($fp,1024);
		$hdr[$x]=explode(":",trim($line),2);
	}
	fclose($fp);

	if(trim($hdr[0][0])=="#SFIAB SQL BACKUP") {

		echo "<table class=\"tableview\">\n";
		$now=date("r");
		echo "<tr><th>".i18n("Information")."</th><th>".i18n("Restore File")."</th><th>".i18n("Live System")."</th></tr>\n";
		if(trim($hdr[0][1])<trim($now)) $cl="happy"; else { $cl="error"; $err=true; }
		echo "<tr class=\"$cl\"><td>".i18n("Date/Time")."</td><td>".$hdr[0][1]."</td><td>$now</td></tr>\n";
		if(version_compare(trim($hdr[1][1]),$config['version'])==0) $cl="happy"; else { $cl="error"; $err=true; }
		echo "<tr class=\"$cl\"><td>".i18n("SFIAB Version")."</td><td>".$hdr[1][1]."</td><td>".$config['version']."</td></tr>\n";
		if(version_compare(trim($hdr[2][1]),$config['DBVERSION'])==0) $cl="happy"; else { $cl="error"; $err=true; } 
		echo "<tr class=\"$cl\"><td>".i18n("Database Version")."</td><td>".$hdr[2][1]."</td><td>".$config['DBVERSION']."</td></tr>\n";
		if(trim($hdr[3][1])==$config['fairname']) $cl="happy"; else { $cl="error"; $err=true; } 
		echo "<tr class=\"$cl\"><td>".i18n("Fair Name")."</td><td>".$hdr[3][1]."</td><td>".$config['fairname']."</td></tr>\n";
		echo "</table>\n";
		echo "<br />\n";
		if($err) {
			echo error(i18n("Warning, there are discrepencies between the restore file and your current live system. Proceed at your own risk!"));
		}

		echo "<form method=\"post\" action=\"backuprestore.php\">\n";
		echo "<input type=\"hidden\" name=\"action\" value=\"restoreproceed\">\n";
		echo "<input type=\"hidden\" name=\"filename\" value=\"".$_FILES['restore']['name']."\">\n";
		echo "<input type=\"hidden\" name=\"realfilename\" value=\"$tmpfilename\">\n";
		echo "<input type=\"submit\" value=\"".i18n("Proceed with Database Restore")."\">";
		echo "</form>\n";
		echo "<br />\n";
		echo "<a href=\"backuprestore.php\">";
		echo i18n("If you are not going to proceed, please click here to clean up the temporary files which may contain confidential information!");
		echo "</a>\n";
	}
	else
	{
			echo error(i18n("This file is NOT a SFIAB SQL BACKUP file"));
			echo i18n("Only backups created with the SFIAB Backup Creator can be used to restore from.");
			echo "<br />\n";
	}

	send_footer();
}
else if($_POST['action']=="restoreproceed") {
	echo send_header("Database Backup/Restore",
 		array('Committee Main' => 'committee_main.php',
			'System Setup' => 'super/index.php')
            ,"backup_restore"
	);

	//make sure the filename's good before we used it
	if(ereg("^[a-z0-9]{32}$",$_POST['realfilename']) && file_exists("../data/backuprestore/".$_POST['realfilename'])) {
		$filename=$_POST['realfilename'];
		echo i18n("Proceeding with database restore from %1",array($_POST['filename']))."...";
		$lines=file("../data/backuprestore/$filename");
		$err=false;
		echo "<pre>";
		foreach($lines AS $line) {
			$line=trim($line);
			if(ereg("^#TABLE: (.*)",$line,$args)) {
				//empty out the table
				$sql="TRUNCATE TABLE `".$args[1]."`";
		//			echo $sql."\n";
				mysql_query($sql);
			}
			else if(ereg("^#",$line)) {
				//just skip it
			}
			else
			{
				//insert the new data
				mysql_query($line);
				if(mysql_error()) {
					echo $line."\n";
					echo mysql_error()."\n";
					$err=true;
				}
			}
		}
		echo "</pre>";
		if($err) {
			echo error(i18n("An error occured while importing the restore database"));
		}
		else
			echo happy(i18n("Database successfully restored"));

		unlink("../data/backuprestore/$filename");
	}
	else
		echo error(i18n("Invalid filename"));

	send_footer();

}
else
{
	echo send_header("Database Backup/Restore",
 		array('Committee Main' => 'committee_main.php',
			'System Setup' => 'super/index.php')
            ,"backup_restore"
	);


	//we try to remove temp files every time we load this page, who knows, maybe they navigated away 
	//last time instead of clicking the link to come back here
	$dh=opendir("../data/backuprestore");
	$removed=false;
	while($fn=readdir($dh)) {
		if(ereg("[a-z0-9]{32}",$fn)) {
			unlink("../data/backuprestore/$fn");
			$removed=true;
		}
	}
	closedir($dh);

	if($removed) {
		echo happy(i18n("Temporary files successfully removed"));
	}


	echo "<h3>".i18n("Backup Database")."</h3>\n";
	echo "<a href=\"backuprestore.php?action=backup\">".i18n("Create Database Backup File")."</a><br />\n";
	echo "<br /><br />\n";
	echo "<hr />\n";

	echo "<h3>".i18n("Restore Database")."</h3>\n";
	echo error(i18n("WARNING: Importing a backup will completely DESTROY all data currently in the database and replace it with what is in the backup file"));
	echo "<form method=\"post\" action=\"backuprestore.php\" enctype=\"multipart/form-data\">\n";
	echo "<input type=\"hidden\" name=\"action\" value=\"restore\">\n";
	echo "<input type=\"file\" name=\"restore\">\n";
	echo "<input type=\"submit\" value=\"".i18n("Upload Restore File")."\">\n";
	echo "</form>\n";


	send_footer();
}

?>
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`<?`
			`/*`
			`This file is part of the 'Science Fair In A Box' project`
			`SFIAB Website: http://www.sfiab.ca`

			`Copyright (C) 2008 James Grant <james@lightbox.org>`

			`This program is free software; you can redistribute it and/or`
			`modify it under the terms of the GNU General Public`
			`License as published by the Free Software Foundation, version 2.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; see the file COPYING. If not, write to`
			`the Free Software Foundation, Inc., 59 Temple Place - Suite 330,`
			`Boston, MA 02111-1307, USA.`
			`*/`
			`?>`
			`<?`
			`require("../common.inc.php");`
			`require_once("../user.inc.php");`
Authenticate and check for superuser on all /super pages 2010-07-15 19:52:44 +00:00			`superuser_required();`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00
			`//make sure backup/restore folder exists, and htaccess it to deny access`
			`if(!file_exists("../data/backuprestore"))`
			`mkdir("../data/backuprestore");`
			`if(!file_exists("../data/backuprestore/.htaccess"))`
			`file_put_contents("../data/backuprestore/.htaccess","Order Deny,Allow\r\nDeny From All\r\n");`


			`if($_GET['action']=="backup") {`
			`$ts=time();`
			`$dump="#SFIAB SQL BACKUP: ".date("r",$ts)."\n";`
			`$dump.="#SFIAB VERSION: ".$config['version']."\n";`
			`$dump.="#SFIAB DB VERSION: ".$config['DBVERSION']."\n";`
			`$dump.="#SFIAB FAIR NAME: ".$config['fairname']."\n";`
			`$dump.="#-------------------------------------------------\n";`

			$tableq=mysql_query("SHOW TABLES FROM `$DBNAME`");
			`while($tr=mysql_fetch_row($tableq)) {`
			`$table=$tr[0];`
			`$dump.="#TABLE: $table\n";`
			$columnq=mysql_query("SHOW COLUMNS FROM `$table`");
			$str="INSERT INTO `$table` (";
			`unset($fields);`
			`$fields=array();`
			`while($cr=mysql_fetch_object($columnq)) {`
			$str.="`".$cr->Field."`,";
			`$fields[]=$cr->Field;`
			`}`
			`$str=substr($str,0,-1);`
			`$str.=") VALUES (";`

			$dataq=mysql_query("SELECT * FROM `$table` ORDER BY `{$fields[0]}`");
			`while($data=mysql_fetch_object($dataq)) {`
			`$insertstr=$str;`
			`foreach($fields AS $field) {`
			`if(is_null($data->$field))`
			`$insertstr.="NULL,";`
			`else`
			`{`
			`$escaped=str_replace("\\","\\\\",$data->$field);`
			`$escaped=str_replace("'","''",$escaped);`
			`$escaped=str_replace("\n","\\n",$escaped);`
			`$escaped=str_replace("\r","\\r",$escaped);`
			`$insertstr.="'".$escaped."',";`
			`}`
			`}`
			`$insertstr=substr($insertstr,0,-1);`
			`$insertstr.=");";`

			`$dump.=$insertstr."\n";`
			`}`
			`}`
			`header("Content-Type: text/sql");`
			`header("Content-Disposition: attachment; filename=sfiab_backup_".date("Y-m-d-H-i-s",$ts).".sql");`
			`header("Content-Length: ".strlen($dump));`
Merge all changes from branch r1284:1498 into trunk 2009-09-09 00:26:12 +00:00			`//Make IE with SSL work`
			`header("Pragma: public");`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`echo $dump;`
			`}`
			`else if($_POST['action']=="restore") {`
			`echo send_header("Database Backup/Restore",`
			`array('Committee Main' => 'committee_main.php',`
refactor config into config & super pages, 'config' page is now 'conference config' specifically for the conference, all non-conference related tasks are moved to the superuser page 2010-06-23 21:18:06 +00:00			`'System Setup' => 'super/index.php')`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`,"backup_restore"`
			`);`
			`echo i18n("Processing file: %1",array($_FILES['restore']['name']))."<br />\n";`
			`echo "<br />\n";`
			`do {`
			`//hmm just some random filename`
			`$tmpfilename=md5(rand().time().$_FILES['restore']['name']);`
			`} while(file_exists("../data/backuprestore/$tmpfilename"));`

			`move_uploaded_file($_FILES['restore']['tmp_name'],"../data/backuprestore/$tmpfilename");`

			`$fp=fopen("../data/backuprestore/$tmpfilename","r");`

			`for($x=0;$x<4;$x++) {`
			`$line=fgets($fp,1024);`
PHP 5.3 DEPRECATED split() so, convert all split()'s to explode()'s 2010-09-10 19:38:56 +00:00			`$hdr[$x]=explode(":",trim($line),2);`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`}`
			`fclose($fp);`

			`if(trim($hdr[0][0])=="#SFIAB SQL BACKUP") {`

			`echo "<table class=\"tableview\">\n";`
			`$now=date("r");`
			`echo "<tr><th>".i18n("Information")."</th><th>".i18n("Restore File")."</th><th>".i18n("Live System")."</th></tr>\n";`
			`if(trim($hdr[0][1])<trim($now)) $cl="happy"; else { $cl="error"; $err=true; }`
			`echo "<tr class=\"$cl\"><td>".i18n("Date/Time")."</td><td>".$hdr[0][1]."</td><td>$now</td></tr>\n";`
			`if(version_compare(trim($hdr[1][1]),$config['version'])==0) $cl="happy"; else { $cl="error"; $err=true; }`
			`echo "<tr class=\"$cl\"><td>".i18n("SFIAB Version")."</td><td>".$hdr[1][1]."</td><td>".$config['version']."</td></tr>\n";`
			`if(version_compare(trim($hdr[2][1]),$config['DBVERSION'])==0) $cl="happy"; else { $cl="error"; $err=true; }`
			`echo "<tr class=\"$cl\"><td>".i18n("Database Version")."</td><td>".$hdr[2][1]."</td><td>".$config['DBVERSION']."</td></tr>\n";`
			`if(trim($hdr[3][1])==$config['fairname']) $cl="happy"; else { $cl="error"; $err=true; }`
			`echo "<tr class=\"$cl\"><td>".i18n("Fair Name")."</td><td>".$hdr[3][1]."</td><td>".$config['fairname']."</td></tr>\n";`
			`echo "</table>\n";`
			`echo "<br />\n";`
			`if($err) {`
			`echo error(i18n("Warning, there are discrepencies between the restore file and your current live system. Proceed at your own risk!"));`
			`}`

			`echo "<form method=\"post\" action=\"backuprestore.php\">\n";`
			`echo "<input type=\"hidden\" name=\"action\" value=\"restoreproceed\">\n";`
			`echo "<input type=\"hidden\" name=\"filename\" value=\"".$_FILES['restore']['name']."\">\n";`
			`echo "<input type=\"hidden\" name=\"realfilename\" value=\"$tmpfilename\">\n";`
			`echo "<input type=\"submit\" value=\"".i18n("Proceed with Database Restore")."\">";`
			`echo "</form>\n";`
			`echo "<br />\n";`
			`echo "<a href=\"backuprestore.php\">";`
			`echo i18n("If you are not going to proceed, please click here to clean up the temporary files which may contain confidential information!");`
			`echo "</a>\n";`
			`}`
			`else`
			`{`
			`echo error(i18n("This file is NOT a SFIAB SQL BACKUP file"));`
			`echo i18n("Only backups created with the SFIAB Backup Creator can be used to restore from.");`
			`echo "<br />\n";`
			`}`

			`send_footer();`
			`}`
			`else if($_POST['action']=="restoreproceed") {`
			`echo send_header("Database Backup/Restore",`
			`array('Committee Main' => 'committee_main.php',`
refactor config into config & super pages, 'config' page is now 'conference config' specifically for the conference, all non-conference related tasks are moved to the superuser page 2010-06-23 21:18:06 +00:00			`'System Setup' => 'super/index.php')`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`,"backup_restore"`
			`);`

			`//make sure the filename's good before we used it`
			`if(ereg("^[a-z0-9]{32}$",$_POST['realfilename']) && file_exists("../data/backuprestore/".$_POST['realfilename'])) {`
			`$filename=$_POST['realfilename'];`
			`echo i18n("Proceeding with database restore from %1",array($_POST['filename']))."...";`
			`$lines=file("../data/backuprestore/$filename");`
			`$err=false;`
			`echo "<pre>";`
			`foreach($lines AS $line) {`
			`$line=trim($line);`
			`if(ereg("^#TABLE: (.*)",$line,$args)) {`
			`//empty out the table`
			$sql="TRUNCATE TABLE `".$args[1]."`";
			`// echo $sql."\n";`
			`mysql_query($sql);`
			`}`
			`else if(ereg("^#",$line)) {`
			`//just skip it`
			`}`
			`else`
			`{`
			`//insert the new data`
			`mysql_query($line);`
			`if(mysql_error()) {`
			`echo $line."\n";`
			`echo mysql_error()."\n";`
			`$err=true;`
			`}`
			`}`
			`}`
			`echo "</pre>";`
			`if($err) {`
			`echo error(i18n("An error occured while importing the restore database"));`
			`}`
			`else`
			`echo happy(i18n("Database successfully restored"));`

			`unlink("../data/backuprestore/$filename");`
			`}`
			`else`
			`echo error(i18n("Invalid filename"));`

			`send_footer();`

			`}`
			`else`
			`{`
			`echo send_header("Database Backup/Restore",`
			`array('Committee Main' => 'committee_main.php',`
refactor config into config & super pages, 'config' page is now 'conference config' specifically for the conference, all non-conference related tasks are moved to the superuser page 2010-06-23 21:18:06 +00:00			`'System Setup' => 'super/index.php')`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`,"backup_restore"`
			`);`


			`//we try to remove temp files every time we load this page, who knows, maybe they navigated away`
			`//last time instead of clicking the link to come back here`
			`$dh=opendir("../data/backuprestore");`
			`$removed=false;`
			`while($fn=readdir($dh)) {`
			`if(ereg("[a-z0-9]{32}",$fn)) {`
			`unlink("../data/backuprestore/$fn");`
			`$removed=true;`
			`}`
			`}`
			`closedir($dh);`

			`if($removed) {`
			`echo happy(i18n("Temporary files successfully removed"));`
			`}`


			`echo "<h3>".i18n("Backup Database")."</h3>\n";`
			`echo "<a href=\"backuprestore.php?action=backup\">".i18n("Create Database Backup File")."</a><br />\n";`
			`echo "<br /><br />\n";`
			`echo "<hr />\n";`

			`echo "<h3>".i18n("Restore Database")."</h3>\n";`
Add a bunch of missing i18n()'s 2008-10-06 19:09:00 +00:00			`echo error(i18n("WARNING: Importing a backup will completely DESTROY all data currently in the database and replace it with what is in the backup file"));`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`echo "<form method=\"post\" action=\"backuprestore.php\" enctype=\"multipart/form-data\">\n";`
			`echo "<input type=\"hidden\" name=\"action\" value=\"restore\">\n";`
			`echo "<input type=\"file\" name=\"restore\">\n";`
Add a bunch of missing i18n()'s 2008-10-06 19:09:00 +00:00			`echo "<input type=\"submit\" value=\"".i18n("Upload Restore File")."\">\n";`
Add backup/restore functionality - need to add icon still Fix bug where title was leaving room for an icon even if there was no icon 2008-09-24 21:56:11 +00:00			`echo "</form>\n";`


			`send_footer();`
			`}`

			`?>`